Ericsson US discloses data breach after service provider hack
Summary
Ericsson US has disclosed a data breach resulting from a cyberattack on one of its service providers. The attackers gained access to data belonging to an unknown number of employees and customers.
IFF Assessment
FOE
This is bad news for defenders as it highlights a supply chain vulnerability that can lead to data theft.
Defender Context
This incident underscores the critical importance of third-party risk management and supply chain security. Defenders should focus on rigorously vetting service providers, implementing strict access controls, and ensuring robust monitoring of vendor systems for any signs of compromise.